authorMike Perry <mikeperry-git@torproject.org>2018-04-16 22:49:27 +0000
committerMike Perry <mikeperry-git@torproject.org>2018-04-26 21:28:28 +0000
commit35e79021165a4dcabff807002e5b49cea593edb6 (patch)
tree325b49bc68c57397a474e0182117b7d941bc8f42 /src
parentc5899d5cf3a761f4049c1d6f05232731edcfeb57 (diff)
Bug 25733: Avoid assert failure if all circuits time out.
Prior to #23100, we were not counting HS circuit build times in our calculation of the timeout. This could lead to a condition where our timeout was set too low, based on non HS circuit build times, and then we would abandon all HS circuits, storing no valid timeouts in the histogram. This commit avoids the assert.
Diffstat (limited to 'src')
-rw-r--r--src/or/circuitstats.c20
1 files changed, 18 insertions, 2 deletions
diff --git a/src/or/circuitstats.c b/src/or/circuitstats.c
index b8421a3c7e..7d83d6a5d1 100644
--- a/src/or/circuitstats.c
+++ b/src/or/circuitstats.c
@@ -767,11 +767,23 @@ circuit_build_times_get_xm(circuit_build_times_t *cbt)
histogram[nth_max_bin[n]]);
}
- /* The following assert is safe, because we don't get called when we
- * haven't observed at least CBT_MIN_MIN_CIRCUITS_TO_OBSERVE circuits. */
+ /* bin_counts can become zero if all of our last CBT_NCIRCUITS_TO_OBSERVE
+ * circuits were abandoned before they completed. This shouldn't happen,
+ * though. We should have reset/re-learned a lower timeout first. */
+ if (bin_counts == 0) {
+ ret = 0;
+ log_warn(LD_CIRC,
+ "No valid circuit build time data out of %d times, %u modes, "
+ "have_timeout=%d, %lfms", cbt->total_build_times, num_modes,
+ cbt->have_computed_timeout, cbt->timeout_ms);
+ goto done;
+ }
+
tor_assert(bin_counts > 0);
ret /= bin_counts;
+
+ done:
tor_free(histogram);
tor_free(nth_max_bin);
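Review bot: Setting `ret = 0` in the `bin_counts == 0` branch makes 0 an in-band "no usable data" result of circuit_build_times_get_xm(), and this diff only teaches circuit_build_times_update_alpha() to handle it. Any other caller would treat 0 as a real Xm; none is visible here, so that needs checking. The function's header comment lies outside the hunk and should state the contract, for example `/* Returns 0 if the histogram holds no completed build times. */`. The `tor_assert(bin_counts > 0)` kept after the guard can no longer fail and could be dropped. Because the commit message says this state arises when every recent circuit is abandoned, the `log_warn` may fire on each recomputation, so a rate-limited log call would stop a sustained timeout condition from flooding the log.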
@@ -1057,6 +1069,10 @@ circuit_build_times_update_alpha(circuit_build_times_t *cbt)
* and less frechet-like. */
cbt->Xm = circuit_build_times_get_xm(cbt);
+ /* If Xm came back 0, then too many circuits were abandoned. */
+ if (cbt->Xm == 0)
+ return 0;
+
tor_assert(cbt->Xm > 0);
for (i=0; i< CBT_NCIRCUITS_TO_OBSERVE; i++) {
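Review bot: `cbt->Xm` is overwritten before the zero check, so on the early `return 0` the struct keeps Xm == 0 in place of its previous value. Code that later reads `cbt->Xm` without re-running this function would see 0; whether any such reader divides by it or takes its logarithm is not visible in this hunk. Holding the result in a local, returning 0 when it is zero, and only then assigning `cbt->Xm` would leave the stored state untouched on the failure path. The new `return 0` also relies on callers checking the return value of circuit_build_times_update_alpha(), and the function body starts and ends outside the hunk, so that should be confirmed there. The retained `tor_assert(cbt->Xm > 0)` is unreachable with a zero value after the new guard.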